@sphereon/ssi-sdk.mdl-mdoc 0.31.1-next.21 → 0.31.1-next.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/functions/index.d.ts +1 -1
  2. package/dist/functions/index.d.ts.map +1 -1
  3. package/dist/functions/index.js +33 -33
  4. package/dist/functions/index.js.map +1 -1
  5. package/package.json +14 -14
  6. package/src/functions/index.ts +48 -62
package/dist/functions/index.d.ts CHANGED
@@ -36,7 +36,7 @@ export declare class X509CallbackService implements IX509ServiceJS {
36
36
  * @param trustAnchors
37
37
  * @param verificationTime
38
38
  */
39
- verifyCertificateChain({ chain, trustAnchors, verificationTime, opts, }: VerifyCertificateChainArgs): Promise<X509ValidationResult>;
39
+ verifyCertificateChain({ chain, trustAnchors, verificationTime, opts }: VerifyCertificateChainArgs): Promise<X509ValidationResult>;
40
40
  /**
41
41
  * This method is the implementation used within the mDL/Mdoc library
42
42
  */
package/dist/functions/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,OAAO,EAML,oBAAoB,EACrB,MAAM,kCAAkC,CAAA;AAGzC,OAAO,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAA;AAEhF,OAAO,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAA;AAC7D,OAAO,YAAY,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAA;AAC3D,OAAO,cAAc,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAA;AAG/D,OAAO,sBAAsB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAA;AAElF,OAAO,qBAAqB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,qBAAqB,CAAA;AACxE,OAAO,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAA;AACtC,OAAO,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAA;AAC9C,OAAO,cAAc,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,cAAc,CAAA;AAC1D,OAAO,uBAAuB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,uBAAuB,CAAA;AAI5E,OAAO,uBAAuB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,uBAAuB,CAAA;AAK5E,OAAO,gBAAgB,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAA;AAE3D,qBAAa,iBAAkB,YAAW,qBAAqB;IACjD,OAAO,CAAC,OAAO,CAAC;gBAAR,OAAO,CAAC,EAAE,gBAAgB,YAAA;IAE9C,UAAU,CAAC,OAAO,EAAE,gBAAgB;IAI9B,SAAS,CAAC,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC;IA4BvF,YAAY,CAAC,QAAQ,EACzB,KAAK,EAAE,aAAa,CAAC,QAAQ,CAAC,EAC9B,OAAO,EAAE,QAAQ,CAAC,YAAY,CAAC,EAC/B,cAAc,EAAE,QAAQ,CAAC,OAAO,CAAC,GAChC,OAAO,CAAC,sBAAsB,CAAC,YAAY,CAAC,CAAC;IA4FhD,qBAAqB,CAAC,EAAE,SAAS,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EACvD,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,GACxC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;CAMrD;AAED;;;;;;GAMG;AACH,qBAAa,mBAAoB,YAAW,cAAc;IACxD,OAAO,CAAC,aAAa,CAAC,CAAe;gBAEzB,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC;IAIxC;;;;;OAKG;IACG,sBAAsB,CAAC,EAC3B,KAAK,EACL,YAAqC,EACrC,gBAAgB,EAChB,IAAI,GACL,EAAE,0BAA0B,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAS7D;;OAEG;IACG,wBAAwB,CAAC,OAAO,SAAS,IAAI,EACjD,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC,EAC/B,QAAQ,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,EAC5B,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,EAChC,mBAAmB,CAAC,EAAE,uBAAuB,GAAG,SAAS,EACzD,gBAAgB,CAAC,EAAE,QAAQ,CAAC,gBAAgB,CAAC,GAC5C,OAAO,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;IA6B5C,eAAe,uBAAwB,KAAK,CAAC,MAAM,CAAC,UAQnD;IAED,eAAe,6BAA2B;CAC3C"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAEvD,OAAO,EAOL,oBAAoB,EACrB,MAAM,kCAAkC,CAAA;AAKzC,OAAO,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAA;AAEhF,OAAO,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAA;AAC7D,OAAO,YAAY,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAA;AAC3D,OAAO,cAAc,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAA;AAG/D,OAAO,sBAAsB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAA;AAElF,OAAO,qBAAqB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,qBAAqB,CAAA;AACxE,OAAO,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAA;AACtC,OAAO,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAA;AAC9C,OAAO,cAAc,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,cAAc,CAAA;AAC1D,OAAO,uBAAuB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,uBAAuB,CAAA;AAI5E,OAAO,uBAAuB,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,uBAAuB,CAAA;AAK5E,OAAO,gBAAgB,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAA;AAE3D,qBAAa,iBAAkB,YAAW,qBAAqB;IACjD,OAAO,CAAC,OAAO,CAAC;gBAAR,OAAO,CAAC,EAAE,gBAAgB,YAAA;IAG9C,UAAU,CAAC,OAAO,EAAE,gBAAgB;IAI9B,SAAS,CAAC,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC;IA4BvF,YAAY,CAAC,QAAQ,EACzB,KAAK,EAAE,aAAa,CAAC,QAAQ,CAAC,EAC9B,OAAO,EAAE,QAAQ,CAAC,YAAY,CAAC,EAC/B,cAAc,EAAE,QAAQ,CAAC,OAAO,CAAC,GAChC,OAAO,CAAC,sBAAsB,CAAC,YAAY,CAAC,CAAC;IAyEhD,qBAAqB,CAAC,EAAE,SAAS,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EACvD,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,GACxC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;CAMrD;AAED;;;;;;GAMG;AACH,qBAAa,mBAAoB,YAAW,cAAc;IACxD,OAAO,CAAC,aAAa,CAAC,CAAe;gBAEzB,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC;IAIxC;;;;;OAKG;IACG,sBAAsB,CAAC,EACE,KAAK,EACL,YAAqC,EACrC,gBAAgB,EAChB,IAAI,EACL,EAAE,0BAA0B,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAS1F;;OAEG;IACG,wBAAwB,CAAC,OAAO,SAAS,IAAI,EACjD,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC,EAC/B,QAAQ,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,EAC5B,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,EAChC,mBAAmB,CAAC,EAAE,uBAAuB,GAAG,SAAS,EACzD,gBAAgB,CAAC,EAAE,QAAQ,CAAC,gBAAgB,CAAC,GAC5C,OAAO,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;IA6B5C,eAAe,uBAAwB,KAAK,CAAC,MAAM,CAAC,UAQnD;IAED,eAAe,6BAA2B;CAC3C"}
package/dist/functions/index.js CHANGED
@@ -34,13 +34,15 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
34
34
  Object.defineProperty(exports, "__esModule", { value: true });
35
35
  exports.X509CallbackService = exports.CoseCryptoService = void 0;
36
36
  const kmp_mdoc_core_1 = require("@sphereon/kmp-mdoc-core");
37
+ const ssi_sdk_ext_key_utils_1 = require("@sphereon/ssi-sdk-ext.key-utils");
37
38
  const ssi_sdk_ext_x509_utils_1 = require("@sphereon/ssi-sdk-ext.x509-utils");
38
39
  const crypto = __importStar(require("crypto"));
39
40
  const pkijs_1 = require("pkijs");
41
+ const u8a = __importStar(require("uint8arrays"));
42
+ var CoseKeyCbor = kmp_mdoc_core_1.com.sphereon.crypto.cose.CoseKeyCbor;
40
43
  var CoseJoseKeyMappingService = kmp_mdoc_core_1.com.sphereon.crypto.CoseJoseKeyMappingService;
41
44
  var DefaultCallbacks = kmp_mdoc_core_1.com.sphereon.crypto.DefaultCallbacks;
42
45
  var SignatureAlgorithm = kmp_mdoc_core_1.com.sphereon.crypto.generic.SignatureAlgorithm;
43
- var Jwk = kmp_mdoc_core_1.com.sphereon.crypto.jose.Jwk;
44
46
  var KeyInfo = kmp_mdoc_core_1.com.sphereon.crypto.KeyInfo;
45
47
  var ResolvedKeyInfo = kmp_mdoc_core_1.com.sphereon.crypto.ResolvedKeyInfo;
46
48
  var DateTimeUtils = kmp_mdoc_core_1.com.sphereon.kmp.DateTimeUtils;
@@ -79,14 +81,14 @@ class CoseCryptoService {
79
81
  algorithm: alg.jose.value,
80
82
  data: encodeTo(value, Encoding.UTF8),
81
83
  encoding: 'utf-8',
82
- keyRef: kmsKeyRef,
84
+ keyRef: kmsKeyRef
83
85
  });
84
86
  return decodeFrom(result, Encoding.UTF8);
85
87
  });
86
88
  }
87
89
  verify1Async(input, keyInfo, requireX5Chain) {
88
90
  return __awaiter(this, void 0, void 0, function* () {
89
- var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
91
+ var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o;
90
92
  const getCertAndKey = (x5c) => __awaiter(this, void 0, void 0, function* () {
91
93
  if (requireX5Chain && (!x5c || x5c.length === 0)) {
92
94
  // We should not be able to get here anyway, as the MLD-mdoc library already validated at this point. But let's make sure
@@ -94,12 +96,15 @@ class CoseCryptoService {
94
96
  }
95
97
  // TODO: According to the IETF spec there should be a x5t in case the x5chain is in the protected headers. In the Funke this does not seem to be done/used!
96
98
  issuerCert = x5c ? (0, ssi_sdk_ext_x509_utils_1.pemOrDerToX509Certificate)(x5c[0]) : undefined;
99
+ let issuerJwk;
97
100
  if (issuerCert) {
98
- issuerPublicKey = yield issuerCert.getPublicKey();
101
+ const info = yield (0, ssi_sdk_ext_x509_utils_1.getCertificateInfo)(issuerCert);
102
+ issuerJwk = info.publicKeyJWK;
99
103
  }
100
- return { issuerCert, issuerPublicKey };
104
+ return { issuerCert, issuerJwk };
101
105
  });
102
- if ((_a = keyInfo === null || keyInfo === void 0 ? void 0 : keyInfo.key) === null || _a === void 0 ? void 0 : _a.d) {
106
+ const coseKeyInfo = CoseJoseKeyMappingService.toCoseKeyInfo(keyInfo);
107
+ if ((_a = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) === null || _a === void 0 ? void 0 : _a.d) {
103
108
  throw Error('Do not use private keys to verify!');
104
109
  }
105
110
  else if (!((_b = input.payload) === null || _b === void 0 ? void 0 : _b.value)) {
@@ -110,44 +115,39 @@ class CoseCryptoService {
110
115
  if (!coseAlg) {
111
116
  return Promise.reject(Error('No alg protected header present'));
112
117
  }
113
- let issuerPublicKey;
114
118
  let issuerCert;
115
- let kid = (_d = (_c = keyInfo === null || keyInfo === void 0 ? void 0 : keyInfo.kid) !== null && _c !== void 0 ? _c : sign1Json.protectedHeader.kid) !== null && _d !== void 0 ? _d : (_e = sign1Json.unprotectedHeader) === null || _e === void 0 ? void 0 : _e.kid;
119
+ let issuerCoseKey;
120
+ let kid = (_d = (_c = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.kid) !== null && _c !== void 0 ? _c : sign1Json.protectedHeader.kid) !== null && _d !== void 0 ? _d : (_e = sign1Json.unprotectedHeader) === null || _e === void 0 ? void 0 : _e.kid;
116
121
  // Please note this method does not perform chain validation. The MDL-MSO_MDOC library already performed this before this step
117
- const x5c = (_j = (_g = (_f = keyInfo === null || keyInfo === void 0 ? void 0 : keyInfo.key) === null || _f === void 0 ? void 0 : _f.getX509CertificateChain()) !== null && _g !== void 0 ? _g : (_h = sign1Json.protectedHeader) === null || _h === void 0 ? void 0 : _h.x5chain) !== null && _j !== void 0 ? _j : (_k = sign1Json.unprotectedHeader) === null || _k === void 0 ? void 0 : _k.x5chain;
118
- if (!keyInfo || !(keyInfo === null || keyInfo === void 0 ? void 0 : keyInfo.key) || ((_l = keyInfo === null || keyInfo === void 0 ? void 0 : keyInfo.key) === null || _l === void 0 ? void 0 : _l.x5chain)) {
122
+ const x5c = (_j = (_g = (_f = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) === null || _f === void 0 ? void 0 : _f.getX509CertificateChain()) !== null && _g !== void 0 ? _g : (_h = sign1Json.protectedHeader) === null || _h === void 0 ? void 0 : _h.x5chain) !== null && _j !== void 0 ? _j : (_k = sign1Json.unprotectedHeader) === null || _k === void 0 ? void 0 : _k.x5chain;
123
+ if (!coseKeyInfo || !(coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) || ((_l = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) === null || _l === void 0 ? void 0 : _l.x5chain)) {
119
124
  const certAndKey = yield getCertAndKey(x5c);
120
- issuerPublicKey = certAndKey.issuerPublicKey;
125
+ issuerCoseKey = certAndKey.issuerJwk ? CoseJoseKeyMappingService.toCoseKey(certAndKey.issuerJwk) : undefined;
121
126
  issuerCert = certAndKey.issuerCert;
122
127
  }
123
- else {
124
- const jwkKeyInfo = CoseJoseKeyMappingService.toJwkKeyInfo(keyInfo);
125
- if (!(jwkKeyInfo === null || jwkKeyInfo === void 0 ? void 0 : jwkKeyInfo.key)) {
128
+ if (!issuerCoseKey) {
129
+ if (!(coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key)) {
126
130
  return Promise.reject(Error(`Either a x5c needs to be in the headers, or you need to provide a key for verification`));
127
131
  }
128
- const jwk = jwkKeyInfo.key;
129
132
  if (kid === null) {
130
- kid = jwk.kid;
133
+ kid = coseKeyInfo.key.getKidAsString(false);
131
134
  }
132
- let keyAlg = (_m = jwk.kty) !== null && _m !== void 0 ? _m : 'ECDSA';
133
- const crv = (_p = (_o = jwk.crv) === null || _o === void 0 ? void 0 : _o.value) !== null && _p !== void 0 ? _p : 'P-256';
134
- issuerPublicKey = yield crypto.subtle.importKey('jwk', Object.assign(Object.assign(Object.assign({ kty: jwk.kty.value, crv }, (jwk.x5c && { x5c: jwk.x5c })), (jwk.x && { x: jwk.x })), (jwk.y && { y: jwk.y })), {
135
- name: keyAlg.value === 'EC' ? 'ECDSA' : keyAlg.value,
136
- namedCurve: crv,
137
- }, true, ['verify']);
135
+ issuerCoseKey = CoseKeyCbor.Static.fromDTO(coseKeyInfo.key);
138
136
  }
139
- const exportedJwk = yield crypto.subtle.exportKey('jwk', issuerPublicKey);
140
- const crv = exportedJwk.crv;
141
- const coseKey = Jwk.Static.fromDTO(exportedJwk).jwkToCoseKeyJson();
142
- const coseKeyInfo = CoseJoseKeyMappingService.toCoseKeyInfo(keyInfo !== null && keyInfo !== void 0 ? keyInfo : new KeyInfo(kid, coseKey.toCbor()));
143
- const recalculatedToBeSigned = input.toBeSignedJson(coseKeyInfo, SignatureAlgorithm.Static.fromCose(coseAlg));
144
- const valid = yield crypto.subtle.verify(Object.assign(Object.assign({}, issuerPublicKey.algorithm), { hash: (crv === null || crv === void 0 ? void 0 : crv.includes('-')) ? `SHA-${crv.split('-')[1]}` : 'SHA-256' }), issuerPublicKey, decodeFrom(sign1Json.signature, Encoding.BASE64URL), decodeFrom(recalculatedToBeSigned.base64UrlValue, Encoding.BASE64URL));
137
+ const issuerCoseKeyInfo = new KeyInfo(kid, issuerCoseKey, coseKeyInfo.opts, coseKeyInfo.keyVisibility, (_m = issuerCoseKey.getSignatureAlgorithm()) !== null && _m !== void 0 ? _m : coseKeyInfo.signatureAlgorithm, x5c, coseKeyInfo.kmsKeyRef, coseKeyInfo.kms, (_o = coseKeyInfo.keyType) !== null && _o !== void 0 ? _o : issuerCoseKey.getKty());
138
+ const recalculatedToBeSigned = input.toBeSignedJson(issuerCoseKeyInfo, SignatureAlgorithm.Static.fromCose(coseAlg));
139
+ const key = CoseJoseKeyMappingService.toJoseJwk(issuerCoseKeyInfo.key).toJsonDTO();
140
+ const valid = yield (0, ssi_sdk_ext_key_utils_1.verifyRawSignature)({
141
+ data: u8a.fromString(recalculatedToBeSigned.base64UrlValue, 'base64url'),
142
+ signature: u8a.fromString(sign1Json.signature, 'base64url'),
143
+ key
144
+ });
145
145
  return {
146
146
  name: 'mdoc',
147
147
  critical: true,
148
148
  error: !valid,
149
149
  message: `Signature of '${issuerCert ? (0, ssi_sdk_ext_x509_utils_1.getSubjectDN)(issuerCert).DN : kid}' was ${valid ? '' : 'in'}valid`,
150
- keyInfo: coseKeyInfo,
150
+ keyInfo: issuerCoseKeyInfo
151
151
  };
152
152
  });
153
153
  }
@@ -187,12 +187,12 @@ class X509CallbackService {
187
187
  * @param verificationTime
188
188
  */
189
189
  verifyCertificateChain(_a) {
190
- return __awaiter(this, arguments, void 0, function* ({ chain, trustAnchors = this.getTrustedCerts(), verificationTime, opts, }) {
190
+ return __awaiter(this, arguments, void 0, function* ({ chain, trustAnchors = this.getTrustedCerts(), verificationTime, opts }) {
191
191
  return yield (0, ssi_sdk_ext_x509_utils_1.validateX509CertificateChain)({
192
192
  chain,
193
193
  trustAnchors,
194
194
  verificationTime,
195
- opts,
195
+ opts
196
196
  });
197
197
  });
198
198
  }
@@ -214,7 +214,7 @@ class X509CallbackService {
214
214
  chain: chain, // The function will handle an empty array
215
215
  trustAnchors: trustedCerts !== null && trustedCerts !== void 0 ? trustedCerts : this.getTrustedCerts(),
216
216
  verificationTime: new Date(verificationAt.toEpochSeconds().toULong() * 1000),
217
- opts: { trustRootWhenNoAnchors: true },
217
+ opts: { trustRootWhenNoAnchors: true }
218
218
  });
219
219
  const cert = result.certificateChain ? result.certificateChain[result.certificateChain.length - 1] : undefined;
220
220
  return {
@@ -224,7 +224,7 @@ class X509CallbackService {
224
224
  critical: result.critical,
225
225
  message: result.message,
226
226
  error: result.error,
227
- verificationTime: verificationAt,
227
+ verificationTime: verificationAt
228
228
  };
229
229
  });
230
230
  }
package/dist/functions/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2DAAuD;AACvD,6EAOyC;AACzC,+CAAgC;AAChC,iCAA4D;AAM5D,IAAO,yBAAyB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,yBAAyB,CAAA;AAChF,IAAO,gBAAgB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAA;AAE9D,IAAO,kBAAkB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAA;AAM1E,IAAO,GAAG,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAA;AACzC,IAAO,OAAO,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAA;AAC5C,IAAO,eAAe,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAA;AAE5D,IAAO,aAAa,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAA;AACrD,IAAO,UAAU,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAA;AAC/C,IAAO,QAAQ,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAA;AAC3C,IAAO,QAAQ,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAA;AAG3C,MAAa,iBAAiB;IAC5B,YAAoB,OAA0B;QAA1B,YAAO,GAAP,OAAO,CAAmB;IAAG,CAAC;IAElD,UAAU,CAAC,OAAyB;QAClC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAEK,SAAS,CAAC,KAAqB,EAAE,cAAiC;;;YACtE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,MAAM,KAAK,CAAC,yFAAyF,CAAC,CAAA;YACxG,CAAC;YACD,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,KAAK,CAAA;YACrC,IAAI,SAAS,GAAG,MAAA,OAAO,CAAC,SAAS,mCAAI,SAAS,CAAA;YAC9C,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;gBACvB,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;oBAChB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC,CAAA;gBAC3G,CAAC;gBACD,MAAM,eAAe,GAAG,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;gBACxE,MAAM,UAAU,GAAyB,yBAAyB,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAA;gBACxG,MAAM,GAAG,GAAG,MAAA,MAAA,UAAU,CAAC,GAAG,mCAAI,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,mCAAI,SAAS,CAAA;gBACnE,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAA;gBAChD,CAAC;gBACD,SAAS,GAAG,GAAG,CAAA;YACjB,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC;gBACrD,SAAS,EAAE,GAAG,CAAC,IAAM,CAAC,KAAK;gBAC3B,IAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC;gBACpC,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,SAAW;aACpB,CAAC,CAAA;YACF,OAAO,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,YAAY,CAChB,KAA8B,EAC9B,OAA+B,EAC/B,cAAiC;;;YAEjC,MAAM,aAAa,GAAG,CACpB,GAA4B,EAI3B,EAAE;gBACH,IAAI,cAAc,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;oBACjD,yHAAyH;oBACzH,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC,CAAA;gBACrF,CAAC;gBACD,2JAA2J;gBAC3J,UAAU,GAAG,GAAG,CAAC,CAAC,CAAC,IAAA,kDAAyB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBAChE,IAAI,UAAU,EAAE,CAAC;oBACf,eAAe,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,CAAA;gBACnD,CAAC;gBACD,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,CAAA;YACxC,CAAC,CAAA,CAAA;YAED,IAAI,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,0CAAE,CAAC,EAAE,CAAC;gBACpB,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAA;YACnD,CAAC;iBAAM,IAAI,CAAC,CAAA,MAAA,KAAK,CAAC,OAAO,0CAAE,KAAK,CAAA,EAAE,CAAC;gBACjC,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC,CAAA;YACpF,CAAC;YACD,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,EAAE,CAAA,CAAC,wEAAwE;YACzG,MAAM,OAAO,GAAG,SAAS,CAAC,eAAe,CAAC,GAAG,CAAA;YAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAA;YACjE,CAAC;YAED,IAAI,eAA0B,CAAA;YAC9B,IAAI,UAAmC,CAAA;YACvC,IAAI,GAAG,GAAG,MAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,mCAAI,SAAS,CAAC,eAAe,CAAC,GAAG,mCAAI,MAAA,SAAS,CAAC,iBAAiB,0CAAE,GAAG,CAAA;YAC3F,8HAA8H;YAC9H,MAAM,GAAG,GAAG,MAAA,MAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,0CAAE,uBAAuB,EAAE,mCAAI,MAAA,SAAS,CAAC,eAAe,0CAAE,OAAO,mCAAI,MAAA,SAAS,CAAC,iBAAiB,0CAAE,OAAO,CAAA;YACjI,IAAI,CAAC,OAAO,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CAAA,KAAI,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,0CAAE,OAAO,CAAA,EAAE,CAAC;gBACvD,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;gBAC3C,eAAe,GAAG,UAAU,CAAC,eAAe,CAAA;gBAC5C,UAAU,GAAG,UAAU,CAAC,UAAU,CAAA;YACpC,CAAC;iBAAM,CAAC;gBACN,MAAM,UAAU,GAAG,yBAAyB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;gBAClE,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,GAAG,CAAA,EAAE,CAAC;oBACrB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wFAAwF,CAAC,CAAC,CAAA;gBACxH,CAAC;gBACD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAA;gBAC1B,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;oBACjB,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;gBACf,CAAC;gBACD,IAAI,MAAM,GAAG,MAAA,GAAG,CAAC,GAAG,mCAAI,OAAO,CAAA;gBAC/B,MAAM,GAAG,GAAW,MAAA,MAAA,GAAG,CAAC,GAAG,0CAAE,KAAK,mCAAI,OAAO,CAAA;gBAC7C,eAAe,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC7C,KAAK,EACL,4CACE,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,KAAK,EAClB,GAAG,IACA,CAAC,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,GAC7B,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,GACvB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,CACN,EACtB;oBACE,IAAI,EAAE,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK;oBACpD,UAAU,EAAE,GAAG;iBAChB,EACD,IAAI,EACJ,CAAC,QAAQ,CAAC,CACX,CAAA;YACH,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,eAAe,CAAC,CAAA;YACzE,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAA;YAC3B,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,gBAAgB,EAAE,CAAA;YAClE,MAAM,WAAW,GAAG,yBAAyB,CAAC,aAAa,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,IAAI,OAAO,CAAc,GAAG,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAA;YACvH,MAAM,sBAAsB,GAAG,KAAK,CAAC,cAAc,CAAC,WAAW,EAAE,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAA;YAC7G,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,iCAEjC,eAAe,CAAC,SAAS,KAC5B,IAAI,EAAE,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,QAAQ,CAAC,GAAG,CAAC,EAAC,CAAC,CAAC,OAAO,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAEnE,eAAe,EACf,UAAU,CAAC,SAAS,CAAC,SAAS,EAAE,QAAQ,CAAC,SAAS,CAAC,EACnD,UAAU,CAAC,sBAAsB,CAAC,cAAc,EAAE,QAAQ,CAAC,SAAS,CAAC,CACtE,CAAA;YAED,OAAO;gBACL,IAAI,EAAE,MAAM;gBACZ,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,KAAK;gBACb,OAAO,EAAE,iBAAiB,UAAU,CAAC,CAAC,CAAC,IAAA,qCAAY,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,SAAS,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,OAAO;gBACzG,OAAO,EAAE,WAAW;aAC0B,CAAA;QAClD,CAAC;KAAA;IAED,qBAAqB,CACnB,OAAyC;QAEzC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,OAAO,OAAO,CAAC,OAAO,CAAC,yBAAyB,CAAC,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QAC3F,CAAC;QACD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iGAAiG,CAAC,CAAC,CAAA;IACjI,CAAC;CACF;AA3ID,8CA2IC;AAED;;;;;;GAMG;AACH,MAAa,mBAAmB;IAG9B,YAAY,YAA4B;QA8DxC,oBAAe,GAAG,CAAC,iBAAiC,EAAE,EAAE;YACtD,IAAI,CAAC,aAAa,GAAG,iBAAiB,aAAjB,iBAAiB,uBAAjB,iBAAiB,CAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;gBACnD,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACjC,MAAM;oBACN,OAAO,IAAI,CAAA;gBACb,CAAC;gBACD,OAAO,IAAA,iCAAQ,EAAC,IAAI,CAAC,CAAA;YACvB,CAAC,CAAC,CAAA;QACJ,CAAC,CAAA;QAED,oBAAe,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,aAAa,CAAA;QAvExC,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,CAAA;IACpC,CAAC;IAED;;;;;OAKG;IACG,sBAAsB;6DAAC,EAC3B,KAAK,EACL,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,EACrC,gBAAgB,EAChB,IAAI,GACuB;YAC3B,OAAO,MAAM,IAAA,qDAA4B,EAAC;gBACxC,KAAK;gBACL,YAAY;gBACZ,gBAAgB;gBAChB,IAAI;aACL,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;OAEG;IACG,wBAAwB,CAC5B,QAA+B,EAC/B,QAA4B,EAC5B,YAAgC,EAChC,mBAAyD,EACzD,gBAA6C;;;YAE7C,MAAM,cAAc,GAAG,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;YACvF,IAAI,KAAK,GAA+B,EAAE,CAAA;YAC1C,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;YACrD,CAAC;YACD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,GAAG,CAAC,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;YACxC,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAA,qDAA4B,EAAC;gBAChD,KAAK,EAAE,KAAK,EAAE,0CAA0C;gBACxD,YAAY,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,IAAI,CAAC,eAAe,EAAE;gBACpD,gBAAgB,EAAE,IAAI,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;gBAC5E,IAAI,EAAE,EAAE,sBAAsB,EAAE,IAAI,EAAE;aACvC,CAAC,CAAA;YAEF,MAAM,IAAI,GAAgC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAE3I,OAAO;gBACL,SAAS,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAuB,EAAE,QAAQ;gBAClD,kBAAkB,EAAE,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,0CAAE,GAAG;gBAC3C,IAAI,EAAE,OAAO;gBACb,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,gBAAgB,EAAE,cAAc;aACU,CAAA;QAC9C,CAAC;KAAA;CAaF;AA5ED,kDA4EC;AAED,MAAM,mBAAmB,GAAG,GAAG,EAAE;IAC/B,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;YACrB,IAAI,UAAU,GAAG,WAAW,CAAA;YAC5B,IAAI,cAAc,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAClC,UAAU,GAAG,QAAQ,CAAA;YACvB,CAAC;YACD,aAAa;YACb,IAAA,iBAAS,EAAC,UAAU,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;QAC/E,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,WAAW,IAAI,MAAM,EAAE,CAAC;QAClE,MAAM,IAAI,GAAG,YAAY,CAAA;QACzB,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,CAAA;QACnC,aAAa;QACb,IAAA,iBAAS,EAAC,IAAI,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC,CAAA;IACjE,CAAC;SAAM,CAAC;QACN,aAAa;QACb,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC1E,MAAM,IAAI,GAAG,QAAQ,CAAA;YACrB,IAAA,iBAAS,EAAC,IAAI,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;QAC7D,CAAC;IACH,CAAC;AACH,CAAC,CAAA;AAED,mBAAmB,EAAE,CAAA;AAErB,wIAAwI;AACxI,gBAAgB,CAAC,oBAAoB,CAAC,IAAI,iBAAiB,EAAE,CAAC,CAAA;AAC9D,gBAAgB,CAAC,cAAc,CAAC,IAAI,mBAAmB,EAAE,CAAC,CAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2DAAuD;AACvD,2EAAoE;AACpE,6EAQyC;AAEzC,+CAAgC;AAChC,iCAA4D;AAC5D,iDAAkC;AAElC,IAAO,WAAW,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAA;AAIzD,IAAO,yBAAyB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,yBAAyB,CAAA;AAChF,IAAO,gBAAgB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAA;AAE9D,IAAO,kBAAkB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAA;AAO1E,IAAO,OAAO,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAA;AAC5C,IAAO,eAAe,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAA;AAE5D,IAAO,aAAa,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAA;AACrD,IAAO,UAAU,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAA;AAC/C,IAAO,QAAQ,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAA;AAC3C,IAAO,QAAQ,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAA;AAG3C,MAAa,iBAAiB;IAC5B,YAAoB,OAA0B;QAA1B,YAAO,GAAP,OAAO,CAAmB;IAC9C,CAAC;IAED,UAAU,CAAC,OAAyB;QAClC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAEK,SAAS,CAAC,KAAqB,EAAE,cAAiC;;;YACtE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,MAAM,KAAK,CAAC,yFAAyF,CAAC,CAAA;YACxG,CAAC;YACD,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,KAAK,CAAA;YACrC,IAAI,SAAS,GAAG,MAAA,OAAO,CAAC,SAAS,mCAAI,SAAS,CAAA;YAC9C,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;gBACvB,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;oBAChB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC,CAAA;gBAC3G,CAAC;gBACD,MAAM,eAAe,GAAG,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;gBACxE,MAAM,UAAU,GAAyB,yBAAyB,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAA;gBACxG,MAAM,GAAG,GAAG,MAAA,MAAA,UAAU,CAAC,GAAG,mCAAI,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,mCAAI,SAAS,CAAA;gBACnE,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAA;gBAChD,CAAC;gBACD,SAAS,GAAG,GAAG,CAAA;YACjB,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC;gBACrD,SAAS,EAAE,GAAG,CAAC,IAAM,CAAC,KAAK;gBAC3B,IAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC;gBACpC,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,SAAW;aACpB,CAAC,CAAA;YACF,OAAO,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,YAAY,CAChB,KAA8B,EAC9B,OAA+B,EAC/B,cAAiC;;;YAEjC,MAAM,aAAa,GAAG,CACpB,GAA4B,EAI3B,EAAE;gBACH,IAAI,cAAc,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;oBACjD,yHAAyH;oBACzH,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC,CAAA;gBACrF,CAAC;gBACD,2JAA2J;gBAC3J,UAAU,GAAG,GAAG,CAAC,CAAC,CAAC,IAAA,kDAAyB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBAChE,IAAI,SAA0B,CAAA;gBAC9B,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,IAAI,GAAG,MAAM,IAAA,2CAAkB,EAAC,UAAU,CAAC,CAAA;oBACjD,SAAS,GAAG,IAAI,CAAC,YAAY,CAAA;gBAC/B,CAAC;gBACD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;YAClC,CAAC,CAAA,CAAA;YAED,MAAM,WAAW,GAAG,yBAAyB,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;YAEpE,IAAI,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,0CAAE,CAAC,EAAE,CAAC;gBACxB,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAA;YACnD,CAAC;iBAAM,IAAI,CAAC,CAAA,MAAA,KAAK,CAAC,OAAO,0CAAE,KAAK,CAAA,EAAE,CAAC;gBACjC,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC,CAAA;YACpF,CAAC;YACD,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,EAAE,CAAA,CAAC,wEAAwE;YACzG,MAAM,OAAO,GAAG,SAAS,CAAC,eAAe,CAAC,GAAG,CAAA;YAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAA;YACjE,CAAC;YAED,IAAI,UAAmC,CAAA;YACvC,IAAI,aAAsC,CAAA;YAC1C,IAAI,GAAG,GAAG,MAAA,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,mCAAI,SAAS,CAAC,eAAe,CAAC,GAAG,mCAAI,MAAA,SAAS,CAAC,iBAAiB,0CAAE,GAAG,CAAA;YAC/F,8HAA8H;YAC9H,MAAM,GAAG,GAAG,MAAA,MAAA,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,0CAAE,uBAAuB,EAAE,mCAAI,MAAA,SAAS,CAAC,eAAe,0CAAE,OAAO,mCAAI,MAAA,SAAS,CAAC,iBAAiB,0CAAE,OAAO,CAAA;YACrI,IAAI,CAAC,WAAW,IAAI,CAAC,CAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,CAAA,KAAI,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,0CAAE,OAAO,CAAA,EAAE,CAAC;gBACnE,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;gBAC3C,aAAa,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,yBAAyB,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBAC5G,UAAU,GAAG,UAAU,CAAC,UAAU,CAAA;YACpC,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,IAAI,CAAC,CAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,CAAA,EAAE,CAAC;oBACtB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wFAAwF,CAAC,CAAC,CAAA;gBACxH,CAAC;gBACD,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;oBACjB,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,CAAA;gBAC7C,CAAC;gBACD,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;YAC7D,CAAC;YAED,MAAM,iBAAiB,GAAG,IAAI,OAAO,CAAc,GAAG,EAAE,aAAa,EAAE,WAAW,CAAC,IAAI,EAAE,WAAW,CAAC,aAAa,EAAE,MAAA,aAAa,CAAC,qBAAqB,EAAE,mCAAI,WAAW,CAAC,kBAAkB,EAAE,GAAG,EAAE,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,EAAE,MAAA,WAAW,CAAC,OAAO,mCAAI,aAAa,CAAC,MAAM,EAAE,CAAC,CAAA;YACxR,MAAM,sBAAsB,GAAG,KAAK,CAAC,cAAc,CAAC,iBAAiB,EAAE,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAA;YACnH,MAAM,GAAG,GAAG,yBAAyB,CAAC,SAAS,CAAC,iBAAiB,CAAC,GAAI,CAAC,CAAC,SAAS,EAAO,CAAA;YACxF,MAAM,KAAK,GAAG,MAAM,IAAA,0CAAkB,EAAC;gBACrC,IAAI,EAAE,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC,cAAc,EAAE,WAAW,CAAC;gBACxE,SAAS,EAAE,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,SAAS,EAAE,WAAW,CAAC;gBAC3D,GAAG;aACJ,CAAC,CAAA;YAGF,OAAO;gBACL,IAAI,EAAE,MAAM;gBACZ,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,KAAK;gBACb,OAAO,EAAE,iBAAiB,UAAU,CAAC,CAAC,CAAC,IAAA,qCAAY,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,SAAS,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,OAAO;gBACzG,OAAO,EAAE,iBAAiB;aACoB,CAAA;QAClD,CAAC;KAAA;IAED,qBAAqB,CACnB,OAAyC;QAEzC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,OAAO,OAAO,CAAC,OAAO,CAAC,yBAAyB,CAAC,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QAC3F,CAAC;QACD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iGAAiG,CAAC,CAAC,CAAA;IACjI,CAAC;CACF;AAzHD,8CAyHC;AAED;;;;;;GAMG;AACH,MAAa,mBAAmB;IAG9B,YAAY,YAA4B;QA8DxC,oBAAe,GAAG,CAAC,iBAAiC,EAAE,EAAE;YACtD,IAAI,CAAC,aAAa,GAAG,iBAAiB,aAAjB,iBAAiB,uBAAjB,iBAAiB,CAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;gBACnD,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACjC,MAAM;oBACN,OAAO,IAAI,CAAA;gBACb,CAAC;gBACD,OAAO,IAAA,iCAAQ,EAAC,IAAI,CAAC,CAAA;YACvB,CAAC,CAAC,CAAA;QACJ,CAAC,CAAA;QAED,oBAAe,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,aAAa,CAAA;QAvExC,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,CAAA;IACpC,CAAC;IAED;;;;;OAKG;IACG,sBAAsB;6DAAC,EACE,KAAK,EACL,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,EACrC,gBAAgB,EAChB,IAAI,EACuB;YACxD,OAAO,MAAM,IAAA,qDAA4B,EAAC;gBACxC,KAAK;gBACL,YAAY;gBACZ,gBAAgB;gBAChB,IAAI;aACL,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;OAEG;IACG,wBAAwB,CAC5B,QAA+B,EAC/B,QAA4B,EAC5B,YAAgC,EAChC,mBAAyD,EACzD,gBAA6C;;;YAE7C,MAAM,cAAc,GAAG,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;YACvF,IAAI,KAAK,GAA+B,EAAE,CAAA;YAC1C,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;YACrD,CAAC;YACD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,GAAG,CAAC,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;YACxC,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAA,qDAA4B,EAAC;gBAChD,KAAK,EAAE,KAAK,EAAE,0CAA0C;gBACxD,YAAY,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,IAAI,CAAC,eAAe,EAAE;gBACpD,gBAAgB,EAAE,IAAI,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;gBAC5E,IAAI,EAAE,EAAE,sBAAsB,EAAE,IAAI,EAAE;aACvC,CAAC,CAAA;YAEF,MAAM,IAAI,GAAgC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAE3I,OAAO;gBACL,SAAS,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAuB,EAAE,QAAQ;gBAClD,kBAAkB,EAAE,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,0CAAE,GAAG;gBAC3C,IAAI,EAAE,OAAO;gBACb,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,gBAAgB,EAAE,cAAc;aACU,CAAA;QAC9C,CAAC;KAAA;CAaF;AA5ED,kDA4EC;AAED,MAAM,mBAAmB,GAAG,GAAG,EAAE;IAC/B,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;YACrB,IAAI,UAAU,GAAG,WAAW,CAAA;YAC5B,IAAI,cAAc,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAClC,UAAU,GAAG,QAAQ,CAAA;YACvB,CAAC;YACD,aAAa;YACb,IAAA,iBAAS,EAAC,UAAU,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;QAC/E,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,WAAW,IAAI,MAAM,EAAE,CAAC;QAClE,MAAM,IAAI,GAAG,YAAY,CAAA;QACzB,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,CAAA;QACnC,aAAa;QACb,IAAA,iBAAS,EAAC,IAAI,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC,CAAA;IACjE,CAAC;SAAM,CAAC;QACN,aAAa;QACb,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC1E,MAAM,IAAI,GAAG,QAAQ,CAAA;YACrB,IAAA,iBAAS,EAAC,IAAI,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;QAC7D,CAAC;IACH,CAAC;AACH,CAAC,CAAA;AAED,mBAAmB,EAAE,CAAA;AAErB,wIAAwI;AACxI,gBAAgB,CAAC,oBAAoB,CAAC,IAAI,iBAAiB,EAAE,CAAC,CAAA;AAC9D,gBAAgB,CAAC,cAAc,CAAC,IAAI,mBAAmB,EAAE,CAAC,CAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk.mdl-mdoc",
3
- "version": "0.31.1-next.21+a02ce00a",
3
+ "version": "0.31.1-next.23+72042c10",
4
4
  "source": "src/index.ts",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -15,14 +15,14 @@
15
15
  },
16
16
  "dependencies": {
17
17
  "@sphereon/did-auth-siop": "0.16.1-next.224",
18
- "@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.16",
18
+ "@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.22",
19
19
  "@sphereon/pex": "5.0.0-unstable.28",
20
20
  "@sphereon/pex-models": "^2.3.2",
21
- "@sphereon/ssi-sdk-ext.did-utils": "0.26.1-next.20",
22
- "@sphereon/ssi-sdk-ext.key-utils": "0.26.1-next.20",
23
- "@sphereon/ssi-sdk-ext.x509-utils": "0.26.1-next.20",
24
- "@sphereon/ssi-sdk.core": "0.31.1-next.21+a02ce00a",
25
- "@sphereon/ssi-types": "0.31.1-next.21+a02ce00a",
21
+ "@sphereon/ssi-sdk-ext.did-utils": "0.26.1-next.23",
22
+ "@sphereon/ssi-sdk-ext.key-utils": "0.26.1-next.23",
23
+ "@sphereon/ssi-sdk-ext.x509-utils": "0.26.1-next.23",
24
+ "@sphereon/ssi-sdk.core": "0.31.1-next.23+72042c10",
25
+ "@sphereon/ssi-types": "0.31.1-next.23+72042c10",
26
26
  "@veramo/core": "4.2.0",
27
27
  "@veramo/did-manager": "4.2.0",
28
28
  "@veramo/utils": "4.2.0",
@@ -37,12 +37,12 @@
37
37
  "devDependencies": {
38
38
  "@sphereon/oid4vci-client": "0.16.1-next.224",
39
39
  "@sphereon/oid4vci-common": "0.16.1-next.224",
40
- "@sphereon/ssi-express-support": "0.31.1-next.21+a02ce00a",
41
- "@sphereon/ssi-sdk-ext.key-manager": "0.26.1-next.20",
42
- "@sphereon/ssi-sdk-ext.kms-local": "0.26.1-next.20",
43
- "@sphereon/ssi-sdk.agent-config": "0.31.1-next.21+a02ce00a",
44
- "@sphereon/ssi-sdk.data-store": "0.31.1-next.21+a02ce00a",
45
- "@sphereon/ssi-sdk.public-key-hosting": "0.31.1-next.21+a02ce00a",
40
+ "@sphereon/ssi-express-support": "0.31.1-next.23+72042c10",
41
+ "@sphereon/ssi-sdk-ext.key-manager": "0.26.1-next.23",
42
+ "@sphereon/ssi-sdk-ext.kms-local": "0.26.1-next.23",
43
+ "@sphereon/ssi-sdk.agent-config": "0.31.1-next.23+72042c10",
44
+ "@sphereon/ssi-sdk.data-store": "0.31.1-next.23+72042c10",
45
+ "@sphereon/ssi-sdk.public-key-hosting": "0.31.1-next.23+72042c10",
46
46
  "@transmute/json-web-signature": "0.7.0-unstable.81",
47
47
  "@types/cors": "^2.8.17",
48
48
  "@types/express": "^4.17.21",
@@ -78,5 +78,5 @@
78
78
  "EBSI Authorization Client"
79
79
  ],
80
80
  "nx": {},
81
- "gitHead": "a02ce00a789225d926f4a3511acef4da345bf147"
81
+ "gitHead": "72042c10642a44eddc81633f9de1b8b18cc6ac4f"
82
82
  }
package/src/functions/index.ts CHANGED
@@ -1,14 +1,18 @@
1
1
  import { com, Nullable } from '@sphereon/kmp-mdoc-core'
2
+ import { verifyRawSignature } from '@sphereon/ssi-sdk-ext.key-utils'
2
3
  import {
3
4
  CertificateInfo,
4
5
  derToPEM,
6
+ getCertificateInfo,
5
7
  getSubjectDN,
6
8
  pemOrDerToX509Certificate,
7
9
  validateX509CertificateChain,
8
- X509ValidationResult,
10
+ X509ValidationResult
9
11
  } from '@sphereon/ssi-sdk-ext.x509-utils'
12
+ import { JWK } from '@sphereon/ssi-types'
10
13
  import * as crypto from 'crypto'
11
14
  import { Certificate, CryptoEngine, setEngine } from 'pkijs'
15
+ import * as u8a from 'uint8arrays'
12
16
  import { IRequiredContext, VerifyCertificateChainArgs } from '../types/ImDLMdoc'
13
17
  import CoseKeyCbor = com.sphereon.crypto.cose.CoseKeyCbor
14
18
  import CoseSign1Cbor = com.sphereon.crypto.cose.CoseSign1Cbor
@@ -34,7 +38,8 @@ import Encoding = com.sphereon.kmp.Encoding
34
38
  import LocalDateTimeKMP = com.sphereon.kmp.LocalDateTimeKMP
35
39
 
36
40
  export class CoseCryptoService implements ICoseCryptoCallbackJS {
37
- constructor(private context?: IRequiredContext) {}
41
+ constructor(private context?: IRequiredContext) {
42
+ }
38
43
 
39
44
  setContext(context: IRequiredContext) {
40
45
  this.context = context
@@ -63,7 +68,7 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
63
68
  algorithm: alg.jose!!.value,
64
69
  data: encodeTo(value, Encoding.UTF8),
65
70
  encoding: 'utf-8',
66
- keyRef: kmsKeyRef!!,
71
+ keyRef: kmsKeyRef!!
67
72
  })
68
73
  return decodeFrom(result, Encoding.UTF8)
69
74
  }
@@ -71,13 +76,13 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
71
76
  async verify1Async<CborType>(
72
77
  input: CoseSign1Cbor<CborType>,
73
78
  keyInfo: IKeyInfo<ICoseKeyCbor>,
74
- requireX5Chain: Nullable<boolean>,
79
+ requireX5Chain: Nullable<boolean>
75
80
  ): Promise<IVerifySignatureResult<ICoseKeyCbor>> {
76
81
  const getCertAndKey = async (
77
- x5c: Nullable<Array<string>>,
82
+ x5c: Nullable<Array<string>>
78
83
  ): Promise<{
79
84
  issuerCert?: Certificate
80
- issuerPublicKey: CryptoKey
85
+ issuerJwk?: Jwk
81
86
  }> => {
82
87
  if (requireX5Chain && (!x5c || x5c.length === 0)) {
83
88
  // We should not be able to get here anyway, as the MLD-mdoc library already validated at this point. But let's make sure
@@ -85,13 +90,17 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
85
90
  }
86
91
  // TODO: According to the IETF spec there should be a x5t in case the x5chain is in the protected headers. In the Funke this does not seem to be done/used!
87
92
  issuerCert = x5c ? pemOrDerToX509Certificate(x5c[0]) : undefined
93
+ let issuerJwk: Jwk | undefined
88
94
  if (issuerCert) {
89
- issuerPublicKey = await issuerCert.getPublicKey()
95
+ const info = await getCertificateInfo(issuerCert)
96
+ issuerJwk = info.publicKeyJWK
90
97
  }
91
- return { issuerCert, issuerPublicKey }
98
+ return { issuerCert, issuerJwk }
92
99
  }
93
100
 
94
- if (keyInfo?.key?.d) {
101
+ const coseKeyInfo = CoseJoseKeyMappingService.toCoseKeyInfo(keyInfo)
102
+
103
+ if (coseKeyInfo?.key?.d) {
95
104
  throw Error('Do not use private keys to verify!')
96
105
  } else if (!input.payload?.value) {
97
106
  return Promise.reject(Error('Signature validation without payload not supported'))
@@ -102,70 +111,47 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
102
111
  return Promise.reject(Error('No alg protected header present'))
103
112
  }
104
113
 
105
- let issuerPublicKey: CryptoKey
106
114
  let issuerCert: Certificate | undefined
107
- let kid = keyInfo?.kid ?? sign1Json.protectedHeader.kid ?? sign1Json.unprotectedHeader?.kid
115
+ let issuerCoseKey: CoseKeyCbor | undefined
116
+ let kid = coseKeyInfo?.kid ?? sign1Json.protectedHeader.kid ?? sign1Json.unprotectedHeader?.kid
108
117
  // Please note this method does not perform chain validation. The MDL-MSO_MDOC library already performed this before this step
109
- const x5c = keyInfo?.key?.getX509CertificateChain() ?? sign1Json.protectedHeader?.x5chain ?? sign1Json.unprotectedHeader?.x5chain
110
- if (!keyInfo || !keyInfo?.key || keyInfo?.key?.x5chain) {
118
+ const x5c = coseKeyInfo?.key?.getX509CertificateChain() ?? sign1Json.protectedHeader?.x5chain ?? sign1Json.unprotectedHeader?.x5chain
119
+ if (!coseKeyInfo || !coseKeyInfo?.key || coseKeyInfo?.key?.x5chain) {
111
120
  const certAndKey = await getCertAndKey(x5c)
112
- issuerPublicKey = certAndKey.issuerPublicKey
121
+ issuerCoseKey = certAndKey.issuerJwk ? CoseJoseKeyMappingService.toCoseKey(certAndKey.issuerJwk) : undefined
113
122
  issuerCert = certAndKey.issuerCert
114
- } else {
115
- const jwkKeyInfo = CoseJoseKeyMappingService.toJwkKeyInfo(keyInfo)
116
- if (!jwkKeyInfo?.key) {
123
+ }
124
+ if (!issuerCoseKey) {
125
+ if (!coseKeyInfo?.key) {
117
126
  return Promise.reject(Error(`Either a x5c needs to be in the headers, or you need to provide a key for verification`))
118
127
  }
119
- const jwk = jwkKeyInfo.key
120
128
  if (kid === null) {
121
- kid = jwk.kid
129
+ kid = coseKeyInfo.key.getKidAsString(false)
122
130
  }
123
- let keyAlg = jwk.kty ?? 'ECDSA'
124
- const crv: string = jwk.crv?.value ?? 'P-256'
125
- issuerPublicKey = await crypto.subtle.importKey(
126
- 'jwk',
127
- {
128
- kty: jwk.kty.value,
129
- crv,
130
- ...(jwk.x5c && { x5c: jwk.x5c }),
131
- ...(jwk.x && { x: jwk.x }),
132
- ...(jwk.y && { y: jwk.y }),
133
- } satisfies JsonWebKey,
134
- {
135
- name: keyAlg.value === 'EC' ? 'ECDSA' : keyAlg.value,
136
- namedCurve: crv,
137
- },
138
- true,
139
- ['verify'],
140
- )
131
+ issuerCoseKey = CoseKeyCbor.Static.fromDTO(coseKeyInfo.key)
141
132
  }
142
133
 
143
- const exportedJwk = await crypto.subtle.exportKey('jwk', issuerPublicKey)
144
- const crv = exportedJwk.crv
145
- const coseKey = Jwk.Static.fromDTO(exportedJwk).jwkToCoseKeyJson()
146
- const coseKeyInfo = CoseJoseKeyMappingService.toCoseKeyInfo(keyInfo ?? new KeyInfo<CoseKeyCbor>(kid, coseKey.toCbor()))
147
- const recalculatedToBeSigned = input.toBeSignedJson(coseKeyInfo, SignatureAlgorithm.Static.fromCose(coseAlg))
148
- const valid = await crypto.subtle.verify(
149
- {
150
- ...issuerPublicKey.algorithm,
151
- hash: crv?.includes('-') ? `SHA-${crv.split('-')[1]}` : 'SHA-256', // todo: this needs to be more robust
152
- },
153
- issuerPublicKey,
154
- decodeFrom(sign1Json.signature, Encoding.BASE64URL),
155
- decodeFrom(recalculatedToBeSigned.base64UrlValue, Encoding.BASE64URL),
156
- )
134
+ const issuerCoseKeyInfo = new KeyInfo<CoseKeyCbor>(kid, issuerCoseKey, coseKeyInfo.opts, coseKeyInfo.keyVisibility, issuerCoseKey.getSignatureAlgorithm() ?? coseKeyInfo.signatureAlgorithm, x5c, coseKeyInfo.kmsKeyRef, coseKeyInfo.kms, coseKeyInfo.keyType ?? issuerCoseKey.getKty())
135
+ const recalculatedToBeSigned = input.toBeSignedJson(issuerCoseKeyInfo, SignatureAlgorithm.Static.fromCose(coseAlg))
136
+ const key = CoseJoseKeyMappingService.toJoseJwk(issuerCoseKeyInfo.key!).toJsonDTO<JWK>()
137
+ const valid = await verifyRawSignature({
138
+ data: u8a.fromString(recalculatedToBeSigned.base64UrlValue, 'base64url'),
139
+ signature: u8a.fromString(sign1Json.signature, 'base64url'),
140
+ key
141
+ })
142
+
157
143
 
158
144
  return {
159
145
  name: 'mdoc',
160
146
  critical: true,
161
147
  error: !valid,
162
148
  message: `Signature of '${issuerCert ? getSubjectDN(issuerCert).DN : kid}' was ${valid ? '' : 'in'}valid`,
163
- keyInfo: coseKeyInfo,
149
+ keyInfo: issuerCoseKeyInfo
164
150
  } satisfies IVerifySignatureResult<ICoseKeyCbor>
165
151
  }
166
152
 
167
153
  resolvePublicKeyAsync<KT extends com.sphereon.crypto.IKey>(
168
- keyInfo: com.sphereon.crypto.IKeyInfo<KT>,
154
+ keyInfo: com.sphereon.crypto.IKeyInfo<KT>
169
155
  ): Promise<com.sphereon.crypto.IResolvedKeyInfo<KT>> {
170
156
  if (keyInfo.key) {
171
157
  return Promise.resolve(CoseJoseKeyMappingService.toResolvedKeyInfo(keyInfo, keyInfo.key))
@@ -195,16 +181,16 @@ export class X509CallbackService implements IX509ServiceJS {
195
181
  * @param verificationTime
196
182
  */
197
183
  async verifyCertificateChain({
198
- chain,
199
- trustAnchors = this.getTrustedCerts(),
200
- verificationTime,
201
- opts,
202
- }: VerifyCertificateChainArgs): Promise<X509ValidationResult> {
184
+ chain,
185
+ trustAnchors = this.getTrustedCerts(),
186
+ verificationTime,
187
+ opts
188
+ }: VerifyCertificateChainArgs): Promise<X509ValidationResult> {
203
189
  return await validateX509CertificateChain({
204
190
  chain,
205
191
  trustAnchors,
206
192
  verificationTime,
207
- opts,
193
+ opts
208
194
  })
209
195
  }
210
196
 
@@ -216,7 +202,7 @@ export class X509CallbackService implements IX509ServiceJS {
216
202
  chainPEM: Nullable<string[]>,
217
203
  trustedCerts: Nullable<string[]>,
218
204
  verificationProfile?: X509VerificationProfile | undefined,
219
- verificationTime?: Nullable<LocalDateTimeKMP>,
205
+ verificationTime?: Nullable<LocalDateTimeKMP>
220
206
  ): Promise<IX509VerificationResult<KeyType>> {
221
207
  const verificationAt = verificationTime ?? DateTimeUtils.Static.DEFAULT.dateTimeLocal()
222
208
  let chain: Array<string | Uint8Array> = []
@@ -230,7 +216,7 @@ export class X509CallbackService implements IX509ServiceJS {
230
216
  chain: chain, // The function will handle an empty array
231
217
  trustAnchors: trustedCerts ?? this.getTrustedCerts(),
232
218
  verificationTime: new Date(verificationAt.toEpochSeconds().toULong() * 1000),
233
- opts: { trustRootWhenNoAnchors: true },
219
+ opts: { trustRootWhenNoAnchors: true }
234
220
  })
235
221
 
236
222
  const cert: CertificateInfo | undefined = result.certificateChain ? result.certificateChain[result.certificateChain.length - 1] : undefined
@@ -242,7 +228,7 @@ export class X509CallbackService implements IX509ServiceJS {
242
228
  critical: result.critical,
243
229
  message: result.message,
244
230
  error: result.error,
245
- verificationTime: verificationAt,
231
+ verificationTime: verificationAt
246
232
  } satisfies IX509VerificationResult<KeyType>
247
233
  }
248
234